<?php
require_once 'vendor/autoload.php';
use TencentCloud\Common\Credential;
use TencentCloud\Common\Profile\ClientProfile;
use TencentCloud\Common\Profile\HttpProfile;
use TencentCloud\Common\Exception\TencentCloudSDKException;
use TencentCloud\Vpc\V20170312\VpcClient;
use TencentCloud\Vpc\V20170312\Models\CreateSecurityGroupPoliciesRequest;
use TencentCloud\Vpc\V20170312\Models\DeleteSecurityGroupPoliciesRequest;
use TencentCloud\Vpc\V20170312\Models\DescribeSecurityGroupPoliciesRequest;


class Tencent {

    static $SecurityGroupId = "sg-*******";//你的安全组名称

    static $SecretId = "AKIDlL**********";//账号SecretId

    static $SecretKey = "KN9eL**********";//账号SecretKey

    public static function delete($ip){
        $cred = new Credential(Tencent::$SecretId, Tencent::$SecretKey);
        $httpProfile = new HttpProfile();
        $httpProfile->setEndpoint("vpc.tencentcloudapi.com");

        $clientProfile = new ClientProfile();
        $clientProfile->setHttpProfile($httpProfile);
        $client = new VpcClient($cred, "ap-guangzhou", $clientProfile);

        $req = new DescribeSecurityGroupPoliciesRequest();

        $params = array(
            "SecurityGroupId" => Tencent::$SecurityGroupId,
        );
        $req->fromJsonString(json_encode($params));

        $resp = $client->DescribeSecurityGroupPolicies($req);

        $result = json_decode($resp->toJsonString(), true);

        $polic_index = "";
        foreach($result['SecurityGroupPolicySet']['Ingress'] as $k=>$v){
            if($v['Port'] == "22022"){
                $polic_index= $v['PolicyIndex'];
            }
        }

        if(empty($polic_index)){
            return false;
        }

        $req = new DeleteSecurityGroupPoliciesRequest();

        $params = array(
            "SecurityGroupId" => Tencent::$SecurityGroupId,
            "SecurityGroupPolicySet" => array(
                "Ingress" => array(
                    array(
                        "PolicyIndex" => $polic_index,
                        "Protocol" => "TCP",
                        "Port" => "22022",
                        "CidrBlock" => "{$ip}",
                        "Action" => "DROP",
                        "PolicyDescription" => "公司ip"
                    )
                )
            )
        );
        $req->fromJsonString(json_encode($params));

        $resp = $client->DeleteSecurityGroupPolicies($req);

        $result = json_decode($resp->toJsonString(), true);
        return $result;
    }

    public static function add($ip){
        $cred = new Credential(Tencent::$SecretId, Tencent::$SecretKey);
        $httpProfile = new HttpProfile();
        $httpProfile->setEndpoint("vpc.tencentcloudapi.com");
        $clientProfile = new ClientProfile();
        $client = new VpcClient($cred, "ap-guangzhou", $clientProfile);
        $clientProfile->setHttpProfile($httpProfile);

        $req = new DescribeSecurityGroupPoliciesRequest();

        $params = array(
            "SecurityGroupId" => Tencent::$SecurityGroupId,
        );
        $req->fromJsonString(json_encode($params));

        $resp = $client->DescribeSecurityGroupPolicies($req);

        $result = json_decode($resp->toJsonString(), true);

        $polic_index = "";
        foreach($result['SecurityGroupPolicySet']['Ingress'] as $k=>$v){
            if($v['Port'] == "22022"){
                $polic_index= $v['PolicyIndex'];
            }
        }

        if(!empty($polic_index)){
            return false;
        }

        $req = new CreateSecurityGroupPoliciesRequest();

        $params = array(
            "SecurityGroupId" => Tencent::$SecurityGroupId,
            "SecurityGroupPolicySet" => array(
                "Ingress" => array(
                    array(
                        "Protocol" => "TCP",
                        "Port" => "22022",
                        "CidrBlock" => "{$ip}",
                        "Action" => "ACCEPT",
                        "PolicyDescription" => "公司ip"
                    )
                )
            )
        );
        $req->fromJsonString(json_encode($params));
        $resp = $client->CreateSecurityGroupPolicies($req);
        $result = json_decode($resp->toJsonString(), true);
        return $result;
    }


}


